Support/runtipi-appstore
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Initial commit - Runtipi Appstore with Wazuh 4.14.1
Some checks failed
Test / test (push) Has been cancelled
Details

Browse Source 
- Added Wazuh 4.14.1 SIEM/XDR application for Runtipi
- Simplified init scripts following official Wazuh Docker patterns
- Complete documentation in French (description.md)
- Health check diagnostic script (wazuh-health-check.sh)
- SSL/TLS certificates auto-generation
- Whoami test application included

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
Gui-Gos
2026-01-02 12:26:29 +01:00
commit 46122d5a7f
30 changed files with 2584 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

134
apps/wazuh-runtipi/data/scripts/init-dashboard.sh Normal file
View File

@@ -0,0 +1,134 @@
#!/bin/bash
set -e
echo "DASHBOARD_INIT: Starting dashboard initialization..."
CUSTOM_CONFIG="/usr/share/wazuh-dashboard/config/custom/opensearch_dashboards.yml"
# Ensure custom directory exists
echo "DASHBOARD_INIT: Ensuring custom config directory exists..."
mkdir -p /usr/share/wazuh-dashboard/config/custom
# Check if custom config exists, if not create default
if [ ! -s "$CUSTOM_CONFIG" ]; then
echo "DASHBOARD_INIT: Creating default dashboard config..."
cat > "$CUSTOM_CONFIG" << EOF
server.host: 0.0.0.0
server.port: 5601
opensearch.hosts: https://wazuh.indexer:9200
opensearch.ssl.verificationMode: certificate
opensearch.username: ${DASHBOARD_USERNAME:-kibanaserver}
opensearch.password: ${DASHBOARD_PASSWORD:-kibanaserver}
opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opensearch_security.multitenancy.enabled: false
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true
server.ssl.certificate: /usr/share/wazuh-dashboard/config/certs/dashboard.pem
server.ssl.key: /usr/share/wazuh-dashboard/config/certs/dashboard-key.pem
opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"]
uiSettings.overrides.defaultRoute: /app/wazuh
EOF
echo "DASHBOARD_INIT: Default dashboard config created"
else
echo "DASHBOARD_INIT: Custom dashboard config already exists, skipping"
fi
# Create symlink if it doesn't exist
if [ ! -L /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml ]; then
echo "DASHBOARD_INIT: Creating symlink to custom config..."
rm -f /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
ln -s "$CUSTOM_CONFIG" /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
else
echo "DASHBOARD_INIT: Symlink already exists"
fi
# Handle keystore initialization idempotently to avoid interactive prompts
KEYSTORE_PATH="/usr/share/wazuh-dashboard/config/opensearch_dashboards.keystore"
if [ ! -f "$KEYSTORE_PATH" ]; then
echo "DASHBOARD_INIT: Creating dashboard keystore..."
# The --allow-root flag is often needed if running as root
/usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore create 2>/dev/null || true
fi
# Start dashboard in background
echo "DASHBOARD_INIT: Configuration complete, starting dashboard..."
/entrypoint.sh &
DASHBOARD_PID=$!
# Give the process a moment to start and resolve its sub-processes
sleep 5
# Robust PID tracking: looking for the actual Node.js process if entrypoint isn't using exec
if ! kill -0 $DASHBOARD_PID 2>/dev/null; then
echo "DASHBOARD_INIT: Main PID $DASHBOARD_PID died, checking for sub-processes..."
# Look for opensearch-dashboards node process
ACTUAL_PID=$(pgrep -f "opensearch-dashboards" || echo "")
if [ -n "$ACTUAL_PID" ]; then
DASHBOARD_PID=$ACTUAL_PID
echo "DASHBOARD_INIT: Found actual dashboard process at PID $DASHBOARD_PID"
else
echo "DASHBOARD_INIT: ERROR - No dashboard process found!"
exit 1
fi
fi
# Periodic monitoring with migration lock detection
echo "MIGRATION_WATCHDOG: Monitoring dashboard startup (PID: $DASHBOARD_PID)..."
TIMEOUT=600 # Increase timeout to 10 minutes due to Indexer slowness
ELAPSED=0
MIGRATION_LOCK_DETECTED_AT=0
while [ $ELAPSED -lt $TIMEOUT ]; do
# Check if dashboard process is still alive
if ! kill -0 $DASHBOARD_PID 2>/dev/null; then
echo "MIGRATION_WATCHDOG: ERROR - Dashboard process (PID: $DASHBOARD_PID) died after ${ELAPSED}s!"
exit 1
fi
# Check if dashboard API is responding
API_STATUS=$(curl -sk -o /dev/null -w "%{http_code}" https://localhost:5601/api/status 2>/dev/null)
if [[ "$API_STATUS" == "200" || "$API_STATUS" == "302" || "$API_STATUS" == "401" ]]; then
echo "MIGRATION_WATCHDOG: Dashboard is responding (HTTP $API_STATUS) after ${ELAPSED}s"
# We don't break yet, we continue monitoring until it's "Stable" (HTTP 200)
if [ "$API_STATUS" == "200" ]; then
echo "MIGRATION_WATCHDOG: Dashboard is fully UP and Stable."
break
fi
fi
# Check for migration lock (stuck .kibana_1)
HTTP_CODE=$(curl -sk -u "${INDEXER_USERNAME:-admin}:${INDEXER_PASSWORD:-admin}" -o /dev/null -w "%{http_code}" "https://wazuh.indexer:9200/.kibana_1" 2>/dev/null)
if [ "$HTTP_CODE" = "200" ] && [ $MIGRATION_LOCK_DETECTED_AT -eq 0 ]; then
MIGRATION_LOCK_DETECTED_AT=$ELAPSED
echo "MIGRATION_WATCHDOG: Detected .kibana_1 index at ${ELAPSED}s, waiting for natural migration..."
fi
if [ "$HTTP_CODE" = "200" ] && [ $MIGRATION_LOCK_DETECTED_AT -gt 0 ]; then
STUCK_DURATION=$((ELAPSED - MIGRATION_LOCK_DETECTED_AT))
if [ $STUCK_DURATION -ge 240 ]; then # Increase to 4 minutes
echo "MIGRATION_WATCHDOG: Index stuck for ${STUCK_DURATION}s, cleaning up..."
curl -sk -u "${INDEXER_USERNAME:-admin}:${INDEXER_PASSWORD:-admin}" -X DELETE "https://wazuh.indexer:9200/.kibana_1" 2>/dev/null || true
kill $DASHBOARD_PID 2>/dev/null || true
exit 0
fi
fi
sleep 15
ELAPSED=$((ELAPSED + 15))
if [ $((ELAPSED % 60)) -eq 0 ]; then
echo "MIGRATION_WATCHDOG: Still waiting for dashboard (${ELAPSED}s, Status: $API_STATUS)..."
fi
done
echo "MIGRATION_WATCHDOG: Finalizing monitoring. Entering persistent loop."
# Keep watching the dashboard process
while kill -0 $DASHBOARD_PID 2>/dev/null; do
sleep 60
done
echo "DASHBOARD_INIT: Process died. Exiting."
exit 1